Safe data sharing and data dissemination on smart devices

Authors:
Luc Bouganim;Cosmin Cremarenco;François Dang Ngoc;Nicolas Dieu;Philippe Pucheral
Affiliations:
I.N.R.I.A. Rocquencourt, Cedex, France;I.N.R.I.A. Rocquencourt, Cedex, France;I.N.R.I.A. Rocquencourt, Cedex, France;I.N.R.I.A. Rocquencourt, Cedex, France;I.N.R.I.A. Rocquencourt, Cedex, France
Venue:
Proceedings of the 2005 ACM SIGMOD international conference on Management of data
Year:
2005

Citing 8
Cited 2

A fine-grained access control system for XML documents

ACM Transactions on Information and System Security (TISSEC)
Containment and equivalence for an XPath fragment

Proceedings of the twenty-first ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems
Executing SQL over encrypted data in the database-service-provider model

Proceedings of the 2002 ACM SIGMOD international conference on Management of data
Securing XML Documents with Author-X

IEEE Internet Computing
Organization based access control

POLICY '03 Proceedings of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks
XPath queries on streaming data

Proceedings of the 2003 ACM SIGMOD international conference on Management of data
GnatDb: a small-footprint, secure database system

VLDB '02 Proceedings of the 28th international conference on Very Large Data Bases
Client-based access control management for XML documents

VLDB '04 Proceedings of the Thirtieth international conference on Very large data bases - Volume 30

Dynamic authenticated index structures for outsourced databases

Proceedings of the 2006 ACM SIGMOD international conference on Management of data
Dynamic access-control policies on XML encrypted data

ACM Transactions on Information and System Security (TISSEC)

Quantified Score

Hi-index	0.00

Visualization

Abstract

The erosion of trust put in traditional database servers and in Database Service Providers (DSP), the growing interest for different forms of data dissemination and the concern for protecting children from suspicious Internet content are different factors that lead to move the access control from servers to clients. Due to the intrinsic untrustworthiness of client devices, client-based access control solutions rely on data encryption. The data are kept encrypted at the server and a client is granted access to subparts of them according to the decryption keys in its possession. Several variations of this basic model have been proposed (e.g., [1, 6]) but they have in common to minimize the trust required on the client at the cost of a static way of sharing data. Indeed, whatever the granularity of sharing, the dataset is split in subsets reflecting a current sharing situation, each encrypted with a different key. Once the dataset is encrypted, changes in the access control rules definition may impact the subset boundaries, hence incurring a partial re-encryption of the dataset and a potential redistribution of keys.